From 3a0dd548e0aade8d8fb8eeae1234beb59a9aef96 Mon Sep 17 00:00:00 2001 From: Bence Csati Date: Thu, 28 Nov 2024 13:31:21 +0100 Subject: [PATCH 1/2] chore(deps): bump actions/* deps to latest Signed-off-by: Bence Csati --- .github/archive/trigger-submodule-update.yaml | 2 +- .github/workflows/artifacts.yaml | 16 ++++++++-------- .github/workflows/ci.yaml | 14 +++++++------- .github/workflows/e2e.yaml | 18 +++++++++--------- 4 files changed, 25 insertions(+), 25 deletions(-) diff --git a/.github/archive/trigger-submodule-update.yaml b/.github/archive/trigger-submodule-update.yaml index e233a7630..fbb3bffb6 100644 --- a/.github/archive/trigger-submodule-update.yaml +++ b/.github/archive/trigger-submodule-update.yaml @@ -12,7 +12,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v3 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set Git refname id: set-git-refname diff --git a/.github/workflows/artifacts.yaml b/.github/workflows/artifacts.yaml index afe81e850..ee758632d 100644 --- a/.github/workflows/artifacts.yaml +++ b/.github/workflows/artifacts.yaml @@ -67,7 +67,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up QEMU uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 @@ -220,7 +220,7 @@ jobs: output: trivy-results.sarif - name: Upload Trivy scan results as artifact - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: "[${{ github.job }}] Trivy scan results" path: trivy-results.sarif @@ -248,7 +248,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Helm uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 @@ -288,7 +288,7 @@ jobs: echo "package=${{ steps.chart-name.outputs.value }}-${{ steps.version.outputs.value }}.tgz" >> "$GITHUB_OUTPUT" - name: Upload chart as artifact - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: "[${{ github.job }}] Helm chart" path: ${{ steps.build.outputs.package }} @@ -372,7 +372,7 @@ jobs: output: trivy-results.sarif - name: Upload Trivy scan results as artifact - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: "[${{ github.job }}] Trivy scan results" path: trivy-results.sarif @@ -405,7 +405,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Helm uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 @@ -445,7 +445,7 @@ jobs: echo "package=${{ github.workspace }}/${{ env.subchartName }}-${{ steps.version.outputs.value }}.tgz" >> "$GITHUB_OUTPUT" - name: Upload chart as artifact - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: "[${{ github.job }}] Helm chart" path: ${{ steps.build.outputs.package }} @@ -495,7 +495,7 @@ jobs: output: trivy-results.sarif - name: Upload Trivy scan results as artifact - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: "[${{ github.job }}] Trivy scan results" path: trivy-results.sarif diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 313836726..e6b420cac 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -14,10 +14,10 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Go - uses: actions/setup-go@v4 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: '1.23' @@ -41,10 +41,10 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Go - uses: actions/setup-go@v4 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: '1.23' @@ -59,15 +59,15 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Go - uses: actions/setup-go@v4 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: '1.23' - name: Cache licenses - uses: actions/cache@v3 + uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 with: key: licensei-v2-${{ hashFiles('go.sum') }} path: | diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index 7d95c33d1..41b2bed8f 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 @@ -35,7 +35,7 @@ jobs: GO_BUILD_FLAGS=-cover -covermode=atomic - name: Upload artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: controller path: /tmp/controller.tar @@ -55,7 +55,7 @@ jobs: uses: docker/setup-buildx-action@v2 - name: Download artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: controller path: /tmp @@ -66,7 +66,7 @@ jobs: docker image ls -a - name: Set up Go - uses: actions/setup-go@v4 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GO_VERSION }} @@ -76,7 +76,7 @@ jobs: version: ${{ env.KUBECTL_VERSION }} - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Run e2e tests run: make test-e2e-ci @@ -91,7 +91,7 @@ jobs: - name: Archive Test Results if: always() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: go-e2e-test-cluster-logs path: build/_test @@ -111,7 +111,7 @@ jobs: uses: docker/setup-buildx-action@v2 - name: Download artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: controller path: /tmp @@ -127,7 +127,7 @@ jobs: version: ${{ env.KUBECTL_VERSION }} - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 # See https://github.com/kubernetes-sigs/kind/releases/tag/v0.20.0 - name: Determine KinD node image version @@ -166,7 +166,7 @@ jobs: - name: Archive Test Results if: always() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: script-e2e-test-cluster-logs-${{ matrix.kube }} path: build/_test From e5e8338eadfa019b1c6e8d9ec619109996e6d51e Mon Sep 17 00:00:00 2001 From: Bence Csati Date: Thu, 28 Nov 2024 13:37:54 +0100 Subject: [PATCH 2/2] chore(deps): bump all other workflow deps Signed-off-by: Bence Csati chore(deps): bump all other workflow deps Signed-off-by: Bence Csati --- .github/workflows/artifacts.yaml | 12 ++++++------ .github/workflows/ci.yaml | 2 +- .github/workflows/e2e.yaml | 12 ++++++------ 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/artifacts.yaml b/.github/workflows/artifacts.yaml index ee758632d..97f86889a 100644 --- a/.github/workflows/artifacts.yaml +++ b/.github/workflows/artifacts.yaml @@ -70,10 +70,10 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up QEMU - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 + uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@4c0219f9ac95b02789c1075625400b2acbff50b1 # v2.9.1 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: Set up Cosign uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 @@ -84,7 +84,7 @@ jobs: - name: Gather build metadata id: meta - uses: docker/metadata-action@818d4b7b91585d195f67373fd9cb0332e31a7175 # v4.6.0 + uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1 with: images: ${{ steps.image-name.outputs.value }} flavor: | @@ -111,7 +111,7 @@ jobs: if_false: type=oci,dest=image.tar - name: Login to GitHub Container Registry - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: registry: ghcr.io username: ${{ github.actor }} @@ -120,7 +120,7 @@ jobs: - name: Build and push image id: build - uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: context: . platforms: linux/amd64,linux/arm64,linux/arm/v7 @@ -294,7 +294,7 @@ jobs: path: ${{ steps.build.outputs.package }} - name: Login to GitHub Container Registry - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: registry: ghcr.io username: ${{ github.actor }} diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index e6b420cac..9a8bc4b61 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -31,7 +31,7 @@ jobs: run: make generate-test-coverage - name: Test Coverage - uses: vladopajic/go-test-coverage@v2 + uses: vladopajic/go-test-coverage@72cd73a57f1fc4c77c41952f0f1c81c3a69e3c17 # v2.10.5 with: config: ./.testcoverage.yml diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index 41b2bed8f..39417ebef 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -20,10 +20,10 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: Build and export - uses: docker/build-push-action@v4 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: context: . tags: controller:local @@ -52,7 +52,7 @@ jobs: steps: - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: Download artifact uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 @@ -85,7 +85,7 @@ jobs: # SHARDS: ${{ matrix.SHARDS }} - name: Test Coverage - uses: vladopajic/go-test-coverage@v2 + uses: vladopajic/go-test-coverage@72cd73a57f1fc4c77c41952f0f1c81c3a69e3c17 # v2.10.5 with: profile: ./build/_test_coverage/coverage_e2e.out @@ -108,7 +108,7 @@ jobs: steps: - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: Download artifact uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 @@ -122,7 +122,7 @@ jobs: docker image ls -a - name: Set up kubectl - uses: azure/setup-kubectl@v3 + uses: azure/setup-kubectl@3e0aec4d80787158d308d7b364cb1b702e7feb7f # v4.0.0 with: version: ${{ env.KUBECTL_VERSION }}